How Storm left the world reeling in 2007

Storm is arguably the world's most sustained and successful computer malware campaign, writes Linton Chiswick. Named after the freak weather buffeting Europe through mid-January 2007, it appeared in the form of an email headed '230 dead as storm batters Europe'.

Hundreds of thousands of Storm emails were sent across the globe in an eight-hour period on Thursday, January 18, each containing a file that ­ if clicked ­ surreptitiously infected the recipient's PC, turning it into a part-time zombie member of the Storm botnet, a network of machines that could be controlled from afar.

Within four days, after six further attack waves, Storm accounted for 17 per cent of global email and eight per cent of all infections.

Following up with emails purporting to contain links to wildly scandalous news stories, videos and greeting cards, Storm's lightning-fast spread demonstrated the power of technology crossed with social engineering. The most successful attacks contained headlines people felt compelled to click.

By October last year, some analysts were estimating that as many as 50m computers had been infected. Their combined processing power formed, potentially, the world's most powerful supercomputer. And this was a supercomputer controlled by criminals.

The Storm botnet could be hired out to spammers, phishers or extortionists bent on bringing down legitimate computer systems.

After a lull in late 2007, there are renewed Storm warnings, with early signs that Valentine's Day 2008 might be used as the perfect date for sending tempting anonymous emails.

Meanwhile, the malware itself is becoming more sophisticated. It is able to self-mutate to avoid discovery. It is also capable of turning on those who seek to download and analyse it, and taking on a decentralised structure to hide its owners.

Most agree that the Storm botnet has never been completely tested. Its full destructive power ­ to steal and disrupt ­ remains, for now, a mystery. ·